Imagine the consequences should your entire supply-chain network be taken down. What if your community hospital’s patient database was hacked and uploaded to the web for all the world to see? What if names and photos of your loved ones were scattered across nefarious social media platforms frequented by anti-government militias, some of which have demanded the hanging of public officials? Consider the impact if school district student, staff and parent identities were exposed on dark web sites – all while under your watch!
Think it can’t happen to your jurisdiction? Think you’re safe from cyberattack? Think again!
The city of Oldsmar, Fla., could have never imagined what took place on Friday, Feb. 5, 2021. A cyber attacker was able to breach a computer system controlling the city’s water treatment plant and briefly increased the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million – dangerous levels that could have been catastrophic.
Unfortunately, our nation is on the verge of a cyber tsunami. A cyber pandemic, if you will, supported by foreign state actors, conspired by domestic terror groups, and staged by cyber criminals increasing in sophistication and poised to attack. No organization is immune. Like the spread of COVID-19, a single terroristic cyberattack can have a devastating and lasting business and economic impact on serving and protecting your constituents. And, even more important considering today’s civil unrest, on preserving the trust of the publics you serve.
In 2020, an unprecedented number of ransomware and other destructive cybersecurity attacks targeting state and local governments were reported – including significant attacks on infrastructure, water and utilities. Several of these attacks forced elected officials to make record-breaking ransom payments. Other municipalities are still reeling from the fallout of data breaches and the dissemination of personal information. With the competing pressures of COVID-19, a fragile economy, the advent of civil unrest, and a rise in violent crime, state and local officials are being tested from every angle and are now compelled to reconsider the way they have approached cybersecurity and risk.
Consider the impact of a single cyberattack on the city of Baltimore. At a meeting on May 29, 2019, Baltimore’s city budget office estimated that it would cost approximately $18.2 million to recover from the damages of the ransomware attack that began May 7. That was in addition to the $4.6 million the city has already spent on the restoration effort.
Corporate executives across America forever realized that their corporation’s good standing, and that of their board, could be devastated by a single cyber event – falling stock prices, loss of faith in leadership, even shutting their doors. It took years for cybersecurity to be recognized as something much more than a bellicose assault on an IT system and work its way to the top of the priority list for the corporate boardrooms and C-suite executives.
For decades, since most local government leaders were not well versed in cybersecurity, nor realized the catastrophic impact a single attack may have on governance, an elusive line separated cybersecurity from “the business of governing.” At the same time, many IT and local government security experts approached cybersecurity as simply an IT issue managed by technology and regulation and not something that needed to be brought to the attention of chief elected officials. In fact, a survey released late last year confirms that while many local and county governments claim to have a cybersecurity plan in place, there remains an anemic, even apathetic, response from local leaders who continue to signal that cybersecurity is not a priority.
Depending on the size of the municipality, local and county governments can often maintain more constituent data than the entire federal government – consider tax records, school enrollment information, licensing data, healthcare records, even criminal backgrounds. Considering the current political climate, where extremists continue to call for violence and subversion, this data is particularly valuable, and vulnerable, to hackers, malicious actors and extremist groups seeking to cause community chaos. Since local governments retain a wealth of personally identifiable information, they have a fiduciary duty – a cyber “Duty of Care” – to safeguard that critical constituent data.
No matter the size of the municipality, county or parish, every jurisdiction is at risk of a cyberattack. Local government must be proactive, not reactive, in protecting their networks from malicious, terroristic cyberattacks. As large-scale data breaches continue to increase, causing considerable damage to municipal infrastructure and potentially catastrophic service disruption, and even destroying careers, local governments must take every measure to protect their most valuable assets and make cybersecurity a priority, now.
In light of the acceleration of digital transformation, an increase in remote network access and, as a result, the imminent and ever-present danger of cyber threats, local governments must focus on strengthening their cybersecurity efforts. It begins with understanding the most critical vulnerabilities – those that will have the greatest impact on your infrastructure in case of a cyber breach.
Foundational to a commitment to cybersecurity is a cyber vulnerability risk assessment. This is a critical first step in cybersecurity best practices that should be immediately pursued by local government officials. A risk assessment can quickly identify and prioritize cyber vulnerabilities so that you can immediately deploy solutions to protect critical assets from malicious cyber actors while immediately improving overall operational cybersecurity. These appraisals are critical so elected officials can best determine the probability of an attack against the county or jurisdiction and the potential impact an attack could have on the reputation, finances, and overall public health of the counties or jurisdictions. Not to mention providing public officials the peace of mind of knowing how to defend their organizations against their most critical cybersecurity challenges.
Cybersecurity should be viewed as a shared responsibility across the entire organization and requires a top-down approach that must include the entire chain of appointed and elected officials in local government. Having visibility of the threat trajectories and identifying the myriad threats to government operations and activities – and options to address gaps – is a good first step in the risk management process.
The commitment to cybersecurity starts at the top. Take the lead and be proactive in cyber risk management. Don’t think it can happen to you? Think again.
The views expressed here are the writer’s and are not necessarily endorsed by Homeland Security Today, which welcomes a broad range of viewpoints in support of securing our homeland. To submit a piece for consideration, email [email protected] Our editorial guidelines can be found here.
Chuck Brooks, President of Brooks Consulting International, is a globally recognized thought leader and subject matter expert Cybersecurity and Emerging Technologies. GovCon & Executive Mosaic named him as one of the top executives to follow on government cybersecurity. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn.” He was named by Thompson Reuters as a “Top 50 Global Influencer in Risk, Compliance,” a “Top Cybersecurity Expert to Follow in 2021” by Cybersecurity Ventures, and by IFSEC as the “#2 Global Cybersecurity Influencer.” He was featured in the 2020 Onalytica “Who’s Who in Cybersecurity” – as one of the top Influencers for cybersecurity issues. Chuck, a two-time Presidential Appointee, serves as Adjunct Faculty for Georgetown University’s Graduate Cybersecurity Risk and Applied Intelligence Programs and recently briefed the G-20 Energy Conference on operating systems cybersecurity. Chuck has an M.A. from the University of Chicago, and a BA from DePauw University.
Paul Goldenberg currently serves on the Board of Advisers for CyVision Technologies, a leading cybersecurity company. He is President and CEO of Cardinal Point Strategies and is a member of the United States Department of Homeland Security’s Advisory Council (HSAC) where he served as Chair of both the DHS National Cyber Security Task Force and DHS Foreign Fighter Task Force, and Co-Chair of the DHS Countering Foreign Influence Subcommittee. He provides counsel to government, faith based and NGO organizations in cyber security policy, capacity building, transnational security, counter terrorism and information sharing. His public career includes more than two decades as a former senior official of the New Jersey State Attorney General’s Office, Director of the nation’s 6th largest county social service and juvenile justice system, and as a law enforcement official who headed investigation efforts for significant cases of domestic terrorism, political corruption, and organized crime.
Brian Harrell was appointed by the President of the United States in 2018 to serve as the sixth Assistant Secretary for Infrastructure Protection, at the Department of Homeland Security. Brian also served as the first Assistant Director for Infrastructure Security at the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Brian has spent time during his career in the US Marine Corps and various private sector agencies with the goal of protecting the United States from security threats. Brian is a Board Member and Strategic Advisor to many great companies.